Defines standards for creating, protecting and changing strong passwords. [MS Word]

Defines requirements and provides authority for the information security team to conduct IT audits and risk assessments.

Email must not be forwarded automatically to an external destination without prior approval from the appropriate manager.

Security criteria for an ASP.

Sample policy concerning the use of unsecured wireless communications technology.

Defines the requirements for Remote Access IPSec or L2TP Virtual Private Network (VPN) connections to the organization's network.

Sample agreement for establishing a connection to an external party.

Defines standards for minimal security configuration for servers inside the organization's production network, or used in a production capacity.

Sample policy defining the minimum requirement for all equipment located outside the corporate firewall.

Sample policy defining the assignment of sensitivity levels to information.